In a media release they said, “user names and passwords related to our client service center” were compromised by an intruder operating under a foreign IP address.